Program Manager, Commercial Compliance

New York City; United States
Full-time; Senior; Remote; Database / Cloud Services

Description

You will lead high-stakes external audits (e.g., IRAP, ENS High) and serve as the primary contact for Financial Services customer audits. You'll own the end-to-end execution of compliance workstreams, perform gap analyses for new market expansions, and drive remediation tracking across technical teams.

Requirements

  • 7+ years in GRC, Information Security, or IT Audit within a high-growth SaaS/Cloud environment
  • Deep understanding of cloud security principles (AWS/GCP/Azure) and experience leading technical audits for ISO 27001, SOC 2, or ENS High
  • Certifications such as CISA, CRISC, CISSP, or ISO Lead Implementer highly preferred
  • Exceptional ability to lead meetings with external customers and auditors
  • Advanced proficiency in Jira for tracking control performance data and managing remediation workflows

Responsibilities

  • Lead end-to-end execution of specialized external audits (e.g., ENS High, IRAP, ISO 22301)
  • Serve as lead point of contact for Financial Services customer audits, including security questionnaires
  • Lead internal audit cadences and drive the POA&M tracking process
  • Map new regulatory requirements to the central control framework and perform gap analyses
  • Conduct NIST CSF or similar maturity assessments and report findings